Access in-depth special reports dedicated to key trends and developments affecting Electronic Payments globally. All reports are editorially independent and designed to provide unique insight.

Company & Market profiles, Exclusive interviews, Opinion pieces and Data can be found exclusively for Subscribers

View Special Reports

Data

Exclusive data compiled by our expert analysts on major trends in the sector.

View Data

Subscriber Editions

Read our latest subscriber edition, as well as the archives, to see features, commentary, analysis and more.

View Subscriber Editions

Country Surveys

Access country reports containing market sizing data along with local insight on trends, topics and issues impacting that countries payments sector

See Country Surveys

Fintrack Editions

Every month, FinTrack will showcase the latest innovations from financial providers around the world. Each innovation is assessed and rated on key criteria, to assist with identifying, tracking & understanding key innovation globally.

Alarming rise in card ID theft in UK

By EPI editorial March 25, 2009

Although payment card fraud in the UK was on the increase in 2008, card identity theft displayed the most dramatic rise and prompted the greatest concern among security experts. Fortunately, banks are harnessing cutting-edge technology to counter the tough challenge this type of theft represents.

Notching up its second double-digit increase in two years, payment card fraud in the UK jumped by 14 percent in 2008, data released by payments industry body APACS reveals.

Putting a positive spin on the data, APACS noted that, although card fraud losses increased, as a percentage of payment card turnover they amounted to 0.12 percent, down from 0.14 percent of turnover in 2004. APACS attributed the decline in part to the positive effect of chip and PIN security.

Largest cause of losses in 2008 was again card-not-present (CNP) fraud, at £328.4 million ($482 million), up 13 percent compared with 2007 and accounting for 54 percent of total card fraud. Losses were incurred on internet, phone and mail order transactions.

APACS stressed that increased CNP fraud should be seen alongside growing use of online and phone shopping channels, as well as increasing numbers of businesses accepting cards remotely.

APACS also noted that from 2001 to 2008, CNP losses increased by 243 percent while total online shopping transactions increased 524 percent from £6.6 billion in 2001 to £41.2 billion in 2008.

Gaining ground on CNP fraud in 2008 were losses sustained as a result of counterfeit fraud which rose 18 percent to £169.8 million. APACS said the vast majority of this fraud is due to criminals stealing card details in the UK to make counterfeit magnetic stripe cards for use in countries yet to upgrade to chip and PIN.

“The industry continues to apply pressure on those countries such as the US where chip and PIN has still to be rolled out,” noted APACS.

However, it was neither CNP nor counterfeit fraud that drew most attention from payments security experts. Of greatest concern was a 39 percent rise in card identification (ID) theft to £54.1 million in 2008. In essence, card ID theft relates to a situation where someone fraudulently obtains card and PIN details and uses them on an ongoing basis.

“The increase in card identity theft is the most alarming trend outlined in the APACS 2008 fraud figures,” said David Dix, electronic payments expert at security specialist Cryptomathic.

Serious and complicated crime

Although CNP fraud, for example, offers attention-grabbing headlines its overall contribution to UK fraud is more or less stable, Dix continued.

“In comparison, card ID theft rose from 6 to 8 percent of total fraud – up by a third. This represents a frightening rise of a very serious and complicated crime,” said Dix.

“The one statistic that was immediately notable was the increase in card ID theft,” said Weatherhead.

One consideration in the fight against card ID theft is consumer education, said Weatherhead. This includes encouraging consumers to shred card statements when disposing of them, changing PINs regularly and carefully checking statements, she explained.

However, she continued, there are techniques banks can use to help prevent fraud.

One approach many banks are adopting is to monitor all activity on an account, financial and non-financial, and combining intelligence about how a customer uses all their cards and accounts, not just an individual one, said Weatherhead.

“This helps banks build up a complete profile of that individual – how often they travel, where they tend to shop, how much they usually spend – so that as soon as a transaction occurs that is outside that customer’s usual spending patterns, alarm bells start ringing and that transaction can be flagged as suspicious,” she said.

“What is important is that the banks detect suspicious activity as soon as the account is taken over, otherwise the fraudster will build up their own ‘profile’ so activity may appear genuine,” she stressed.

The logical step forward from customer profiling is use of tools such as short message service (SMS) alerting, which banks are starting to implement to help them stop fraud early, said Weatherhead.

“SMS alerting means that if suspicious activity occurs, over a certain value, or in a type of outlet the customer hasn’t used before, the bank can send a text message to the customer immediately, informing them of the transaction and asking them to respond if it isn’t genuine,” she explained.

This approach, she added, can also be used to confirm with customers that they have changed their address or requested a new PIN for example, which can be a first sign of account takeover.

“This combination of activity can enable banks to block compromised cards quickly, protecting themselves from losses, and also building confidence with members of the public that they are protected too,” Weather-head explained.

Unfortunately, she fears when APACS’ statistics for 2009 come out they will show similar trends to those seen in 2008.

“But as banks embrace the latest technology, just maybe some of these numbers will start to come down,” she concluded.